Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/59d06962-7aa4-4507-aeb0-a842d588bc31.roa
File:                     59d06962-7aa4-4507-aeb0-a842d588bc31.roa (raw, json)
Hash identifier:          o5P1WJNkgmiRNHttF3pqvCVG3+gP0bfK+wcM+g0pvBY=
Subject key identifier:   A5:A4:27:15:5D:4C:73:D3:B2:B2:F3:DD:89:E8:3E:E6:74:1D:67:EA
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1B4FF6D7206A2EC4D86C410CE3AEEA68751849D2
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/59d06962-7aa4-4507-aeb0-a842d588bc31.roa
Signing time:             Wed 06 Aug 2025 00:40:44 +0000
ROA not before:           Wed 06 Aug 2025 00:40:44 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:549::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:4f:f6:d7:20:6a:2e:c4:d8:6c:41:0c:e3:ae:ea:68:75:18:49:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Aug  6 00:40:44 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=baa10365ee5ed121fab3987e5312382cfb04b705bd2fb5b49371c301e1b170fe, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:bd:14:15:75:9a:4c:dd:8e:68:57:12:26:fa:
                    39:6e:5a:58:67:8f:3a:f5:5f:a3:7c:84:7a:23:36:
                    b9:00:72:7e:d3:55:c2:65:a4:bb:56:d4:5e:1b:77:
                    9d:24:08:3e:c3:48:83:9f:99:e9:d3:4c:14:ce:8c:
                    16:a5:1b:ef:41:4e:9b:65:99:f3:cf:4a:62:17:99:
                    ab:da:c0:ee:10:60:2a:f6:cb:ea:09:9b:a9:71:39:
                    48:d6:e7:46:09:03:09:49:48:43:ce:6e:08:b5:cc:
                    c5:3e:f1:85:c6:96:3d:d3:5b:b4:2c:4c:e6:0d:56:
                    c4:93:27:6d:70:ef:c6:18:08:d8:1d:5b:cc:96:f8:
                    fd:87:2c:36:7b:6d:e3:63:8b:5e:5f:6e:f2:a9:a7:
                    55:9f:d2:30:ba:9e:83:ae:b5:b7:29:e5:a7:6c:5d:
                    c8:aa:92:eb:5c:bf:58:18:12:d2:39:48:62:a4:5e:
                    2a:68:f2:28:41:50:d9:e0:fa:24:4d:67:c0:4f:47:
                    c5:a0:1a:fb:3a:66:e6:96:2c:e7:05:5f:5e:7c:74:
                    8d:77:ec:63:4c:4a:56:53:5a:2b:40:a2:7e:93:97:
                    90:ca:3f:a0:d4:3c:50:2b:e8:e1:6c:73:6e:dd:a3:
                    70:bd:06:19:94:bf:7f:8d:85:8d:2e:39:76:e7:01:
                    c2:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A4:27:15:5D:4C:73:D3:B2:B2:F3:DD:89:E8:3E:E6:74:1D:67:EA
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/59d06962-7aa4-4507-aeb0-a842d588bc31.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:549::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:99:66:2f:9a:22:38:87:71:e6:81:af:72:5b:66:fc:4b:ac:
         06:50:f4:bb:fb:0a:5f:16:3e:e8:7c:10:20:d9:d3:a0:fb:e1:
         a1:b0:5a:99:c6:10:bf:7f:98:93:8a:8b:8f:1a:c1:6a:f4:da:
         1f:9d:56:12:6a:ad:60:74:ec:cb:82:28:b6:6a:f3:e1:f4:37:
         b0:29:52:b0:2c:27:2d:fc:8a:df:99:1d:71:c8:12:24:d6:bb:
         23:cb:8b:da:d0:77:30:19:c7:38:3b:c5:7c:69:cc:8a:72:9d:
         9f:2d:58:ac:d2:54:4a:e9:55:6d:2c:29:7c:e3:49:2a:98:69:
         46:92:48:42:8c:c7:3a:35:f7:7f:4f:0f:03:d7:b6:50:c2:c8:
         63:b0:75:ab:8f:2b:24:47:9a:b7:07:41:eb:fd:6e:73:78:6e:
         02:65:13:38:5f:68:bc:a7:45:ab:33:aa:b2:fd:47:4b:b7:64:
         e0:78:a3:21:fd:42:4b:aa:0a:ca:61:16:2b:b1:6e:a0:d9:0c:
         46:0d:ec:c9:dc:b4:c9:ad:d2:c2:d8:d0:68:96:0d:63:74:32:
         13:75:ad:93:45:c2:a0:1a:07:4f:bc:f5:61:ee:58:59:c9:a8:
         30:ce:79:dc:0f:34:2b:8d:4d:27:91:6d:10:41:65:e8:9c:9b:
         0f:ac:ab:3c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUG0/21yBqLsTYbEEM467qaHUYSdIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwODA2MDA0MDQ0WhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYWExMDM2NWVlNWVkMTIxZmFiMzk4N2U1MzEyMzgyY2Zi
MDRiNzA1YmQyZmI1YjQ5MzcxYzMwMWUxYjE3MGZlMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQvRQVdZpM3Y5oVxIm+jluWlhnjzr1X6N8hHojNrkAcn7T
VcJlpLtW1F4bd50kCD7DSIOfmenTTBTOjBalG+9BTptlmfPPSmIXmavawO4QYCr2
y+oJm6lxOUjW50YJAwlJSEPObgi1zMU+8YXGlj3TW7QsTOYNVsSTJ21w78YYCNgd
W8yW+P2HLDZ7beNji15fbvKpp1Wf0jC6noOutbcp5adsXciqkutcv1gYEtI5SGKk
Xipo8ihBUNng+iRNZ8BPR8WgGvs6ZuaWLOcFX158dI137GNMSlZTWitAon6Tl5DK
P6DUPFAr6OFsc27do3C9BhmUv3+NhY0uOXbnAcKnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpaQnFV1Mc9OysvPdieg+5nQdZ+owHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzU5ZDA2OTYyLTdhYTQtNDUwNy1hZWIwLWE4NDJkNTg4YmMzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUkwDQYJKoZIhvcNAQELBQADggEBAKqZZi+aIjiHceaBr3JbZvxL
rAZQ9Lv7Cl8WPuh8ECDZ06D74aGwWpnGEL9/mJOKi48awWr02h+dVhJqrWB07MuC
KLZq8+H0N7ApUrAsJy38it+ZHXHIEiTWuyPLi9rQdzAZxzg7xXxpzIpynZ8tWKzS
VErpVW0sKXzjSSqYaUaSSEKMxzo1939PDwPXtlDCyGOwdauPKyRHmrcHQev9bnN4
bgJlEzhfaLynRaszqrL9R0u3ZOB4oyH9QkuqCsphFiuxbqDZDEYN7MnctMmt0sLY
0GiWDWN0MhN1rZNFwqAaB0+89WHuWFnJqDDOedwPNCuNTSeRbRBBZeicmw+sqzw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:09:58 2025 by rpki-client